The North Korea-linked hacking group Lazarus is said to have stolen $13.5 million in a recent cyber-attack targeting SWIFT/ATM infrastructure of Cosmos Bank.
Hackers nicked $6 million from the Russian central bank last year via the SWIFT messaging system, according to report from the bank.
“The volume of unsanctioned operations as a result of [a single successful attack] amounted to 339.5 million roubles,” the bank said. Hackers gained control of one of the bank’s computers and used the SWIFT system to transfer money, according to a reportfrom Reuters.
Cautioning that “the stability of our financial institutions is threatened by these types of attacks,” Nick Bilogorskiy, cybersecurity strategist at Juniper Networks, said “they should serve as a call to action for international law enforcement cooperation on defending our global financial systems.”
Bilogorskiy sad that cybergangs typically use two methods for robbing bank – ATM jackpotting and SWIFT wire transfers. “Our banks and financial institutions are all interconnected today, which creates major risks and international groups of criminals in various countries are monetizing these risks,” he said.
By: Carolyn Crandall Last week, Attivo Networks participated in The Information Systems Security Association (ISSA)® event in San Diego, CA. With the theme of “the Digital Danger Zone,” the conference focused on topics ranging from incident response to application security to business skills for the information security professional. Apart from educational forums, publications, and peer interaction opportunities, ISSA hosted a capture the flag (CTF) event, which is always a fun way to test one’s practical information security knowledge. This year, Attivo participated in the CTF as well as a speaking session, Cybersecurity of Interbank Messaging and Wholesale Payment Networks.
Swift, the global banking platform used to manage money transfers between over 10,000 financial institutions, is urging its users to bulk up security amid revelations the US National Security Agency (NSA) exploited vulnerabilities in Microsoft products to spy on its clients.
Last week, a hacking group known as the Shadow Brokers published a batch of explosive documents alleging the NSA accessed the Swift network by compromising third party services in the Middle East and Latin America. The group previously released files exposing alleged NSA “cyberweapons”.
“Customers should pay close attention their own security and take security into consideration when selecting a service bureau and working with other third party providers,” the Brussels-based organisation said in a lengthy statement on 17 April (Monday).